System and method for controlling access to personal user data

ABSTRACT

Disclosed are system and methods for controlling access of a consumer to personal data of a user. An example method includes: collecting information about the consumer of personal data; comparing the collected information with one or more templates containing risk criteria to determine whether a risk is associated with the consumer; setting, based on the determined risk, consumer access parameters for access of the consumer to the personal information of the user; and controlling access of the consumer to the personal data of the user based on the set consumer access parameters.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims benefit of priority under 35 U.S.C. 119(a)-(d)to a Russian Application No. 2015111426 filed on Mar. 31, 2015, which isincorporated by reference herein.

FIELD OF TECHNOLOGY

The present disclosure relates generally the field of computer security,and more specifically, to systems and methods for controlling access ofa consumer to personal data of a user.

BACKGROUND

At present, services and applications are collecting a mass of personalinformation about the user (behavior on the net and on the device, datasets, actions on the Internet, location, contacts with other users,etc.). This is occurring in both a clear and clandestine manner, andvery often without awareness by the user of the data collection. Neitheris the user aware of how the data collected is used afterwards, orwhether he can control this process.

Systems of centralized control of personal user information are beingcreated to help the user exercise control over the use of his ownpersonal data. These systems allow one to control the personal userdata, to determine and monitor the volume of personal informationcollected and saved (such as a set of personal documents, date of birth,location, passwords for authorization on other services, history ofactions on the Internet, characteristic behavior patterns, gender,family status), to determine the level of access by services to thisinformation (from total anonymity to a fully open profile), and to carryout an authorization of services when accessing the personal user data.As an example of the functioning of such systems, one can mentiontechnologies such as MS Account, Apple ID, Google Account, MozillaPersona.

However, the process of granting and revoking access rights to personaldata is in no way automated, and the user is forced to control thisprocess by hand. For example, patent application US20140143886A1describes a system for control of personal data which lets the user fromany given device manually revoke access rights to his personal data.

Thus, there is a need to automate the process of control of personaluser data.

SUMMARY

Disclosed are system and methods for controlling access of a consumer topersonal data of a user. One technical result of the disclosed systemand methods consists in an automated control of access to personal dataof the user by changing the parameters of access to personal data as afunction of risks associated with the consumer of personal data.

An example method for controlling access of a consumer to personal dataof a user includes: collecting information about the consumer ofpersonal data; comparing, by a hardware processor, the collectedinformation with one or more templates containing risk criteria todetermine whether a risk is associated with the consumer; setting, basedon the determined risk, by the hardware processor, consumer accessparameters for access of the consumer to the personal information of theuser; and controlling, by the hardware processor, access of the consumerto the personal data of the user based on the set consumer accessparameters.

In one example aspect, the received consumer data include at least oneof: parameters of the personal information consumer, wherein theparameters comprise at least one of: a consumer service price for theuser, a total price of consumer services provided to the user, and alocation of the server storing the personal information of the user;statistics about the personal information consumer, wherein thestatistics comprise at least one of: a number of user complaints over atime interval, a number of a specific type of incidents per over a timeinterval, a rating of the personal information consumer, and a number ofusers using a service provided by the consumer; notifications about thepersonal information consumer, wherein the notifications comprise atleast one of: a notification from the consumer about server maintenance,and a notification of broken connection to a customer server; andsecurity incident reports about the personal information consumer,wherein the reports comprise at least one of: a report of potentialunauthorized access to a consumer server, and a report of a personaldata theft from the consumer.

In one example aspect, the consumer data is received from at least oneof: an external or internal monitoring system; a notification system; auser security application; and the consumer.

In one example aspect, the set of templates includes at least one of: aglobal set of templates; and a local set of templates specific to theuser.

In one example aspect, the risk event is: a political risk event; areputational risk event; a financial risk event; a security risk event;or a legal risk event.

In one example aspect, the setting of consumer access parametersincludes at least one of: changing consumer's time limits of access tothe personal information of the user; revoking consumer's accessprivileges to the personal information of the user; granting consumeraccess privileges to the personal information of the user; blockingconsumer's access to the personal information of the user; grantingconsumer access to the personal information of the user; and rejectingservices provided by the consumer.

In one example aspect, each template includes a set of criteria; whereineach criterion is assigned a numeric value based on the receivedconsumer data; and wherein the detecting whether a risk event existsincludes at least one of: comparing a linear function of criteria with anumeric threshold; comparing a numeric function of criteria with anumeric threshold; applying a neural network algorithm to the set ofcriteria; and applying a fuzzy logic algorithm to the set of criteria.

In another aspect, a example system for controlling access of a consumerto personal data of a user, comprising: an collection module executableon a hardware processor and configured to: collect information about theconsumer of personal data; an template storage module configured to:store a plurality of templates containing risk criteria; an analysismodule executable on the hardware processor and configured to: comparethe collected information with the one or more templates to determinewhether a risk is associated with the consumer; and an access controlmodule executable on a hardware processor and configured to: set, basedon the determined risk, consumer access parameters for access of theconsumer to the personal information of the user; and control access ofthe consumer to the personal data of the user based on the set consumeraccess parameters.

In another aspect, an example computer program product stored on anon-transitory computer-readable medium for controlling access of aconsumer to personal data of a user, the computer product includingcomputer-executable instructions for: collecting information about theconsumer of personal data; comparing the collected information with oneor more templates containing risk criteria to determine whether a riskis associated with the consumer; setting, based on the determined risk,consumer access parameters for access of the consumer to the personalinformation of the user; and controlling access of the consumer to thepersonal data of the user based on the set consumer access parameters.

The above simplified summary of example aspects serves to provide abasic understanding of the present disclosure. This summary is not anextensive overview of all contemplated aspects, and is intended toneither identify key or critical elements of all aspects nor delineatethe scope of any or all aspects of the present disclosure. Its solepurpose is to present one or more aspects in a simplified form as aprelude to the more detailed description of the disclosure that follows.To the accomplishment of the foregoing, the one or more aspects of thepresent disclosure include the features described and particularlypointed out in the claims.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a block diagram of an example user's interaction withconsumers of personal data via a system of centralized control ofpersonal data.

FIG. 2 shows a block diagram of an example system for control of accessto personal user data.

FIG. 3 shows a flow diagram of an example method of control of access topersonal user data.

FIG. 4 shows an example of a general-purpose computer system that may beused to implement systems and methods for control of access to personaluser data.

DETAILED DESCRIPTION

Example aspects are described herein in the context of a system, methodand computer program product for controlling access of a consumer ofpersonal information to personal information of a user. Those ofordinary skill in the art will realize that the following description isillustrative only and is not intended to be in any way limiting. Otheraspects will readily suggest themselves to those skilled in the arthaving the benefit of this disclosure. Reference will now be made indetail to implementations of the example aspects as illustrated in theaccompanying drawings. The same reference indicators will be used to theextent possible throughout the drawings and the following description torefer to the same or like items.

As used herein, the term “consumer of personal data” (the terms “data”and “information” will be used interchangeably herein), may include aservice, an application, or a device working with personal user data. Aconsumer of personal data may be connected to a system of centralizedcontrol of personal user data, a description of which is provided below.An example of a consumer of personal data is Facebook or any othersocial network in which personal user data is processed. Control of theaccount of the user of any given social network can be done through asystem of centralized control of personal user data. A consumer ofpersonal data may be not only a social network or a cloud service, inthe near future, as the Internet of Things is developed (a concept of acomputing network of physical objects including embedded technologiesfor interacting with each other or with the environment), the consumersof personal data may be the physical objects in our environment,including TV sets (this has happed already), consumer appliances, cars,furniture, and clothing. The present disclosure allows controlling theusage of the personal user data by the consumers of personal data and toreact promptly in response to various changes in the process.

FIG. 1 shows a diagram of an example user's interaction with consumersof personal data via a system of centralized control of personal data.The actual system of centralized control of personal data 100 mayconstitute a server or group of servers connected to a database 110 inwhich the personal user data is contained—the user profiles which theywould like to control, with all the personal information needed for areliable authentication of the user or for the working of consumers ofpersonal data. In one aspect, the database 110 can be defined by thelocation where the data is stored, the number of servers, and theirphysical locations; for example, the data stored in it may belong tosome particular company or government. In another example aspect, thedata may be decentralized and distributed among database nodes such thatthe full information set is not concentrated at any one node. The user111 may store his personal information either in a public decentralizedrepository or in a personal repository (e.g., on his own portable datastorage medium), being able to select the information storage country orthe company where the information is stored. Access to this data may beperformed via the system of centralized control of personal data 100directly, for example, through a web interface of the system, or via adevice of the user 111. The system 100 may have application programminginterfaces (API) for control of the personal user data and interactionwith consumers of personal data 101, 102, 103. A system for control ofaccess to personal user data 120 may be part of the system 100.

FIG. 2 shows a diagram of an example system for control of access topersonal data 120, which includes: a collection module 201, an analysismodule 202, an access control module 203 and a template storage module204. The collection module 201 is configured to collect information onthe consumers of personal data. The information may include, but notlimited to:

-   -   parameters of the consumers of personal data (such as the cost        of the particular service provided to the user, or the total        cost of all services provided to the user or the geographical        location of the server on which the personal user data is being        stored, provisions of the licensing agreement with the user, and        so on);    -   statistical data on the consumers of personal data (for example,        the number of complaints from users or incidents of a particular        type in a selected interval of time or the rating of the        consumer of personal data or the number of users making use of a        particular service, and so on);    -   notifications (e.g., messages) pertaining to the consumers of        personal data, including notifications sent by the consumer of        personal data itself in the context of the system of centralized        control of personal data 100 shown in FIG. 1 (for example, a        notification from the consumer of personal data as to scheduled        repair work on the server or a notification as to no connection        between the server and the consumer of personal data);    -   security incidents and events involving the consumers of        personal data (for example, information as to a potential        hacking of the servers of the consumer of personal data or an        actual theft of personal user data, and so on); and    -   any other data sets having a connection to the consumers of        personal data.

Information may be collected from various sources, such as:

-   -   monitoring systems (external or internal with respect the system        of centralized control of personal data 100);    -   notification systems within the system of centralized control of        personal data 100;    -   security applications installed on the computers of the users        interacting with the consumers of personal data;    -   the actual consumers of personal data.

The collection module 201 transmits the information collected in regardto the consumers of personal data to the analysis module 202.

In one example aspect, the analysis module 202 performs an analysis ofthe information collected to identify risks associated with theconsumers of personal data. Risks may be of different types: political,reputational, financial, security risks, legal risks, and so on. Forexample, a user pays for a cloud (or remote) file repository service atone of the consumers of personal data. If the cost of the serviceincreases, and the user overlooks the notification from the consumer ofpersonal data stating that the user should give up the service by agiven date if he does not agree with the new cost, then if the user doesnot give up the service he will be forced to pay the increased cost, andthus incur a loss. In this regard, the user incurs financial risks.Another example, is the situation when the usage rules within an enduser license agreement (EULA) with respect to one of the servicesprovided to the user by the consumer of personal data change to theuser's detriment, for example, to allow transmission of personal data toa third party, which may contradict user's confidentiality requirements.The analysis module 202 monitors information arriving from varioussources and automatically make a decision (for example, to automaticallygive up the service being provided by the consumer of personal data)when the corresponding risks are identified (e.g., week data privacy).In one aspect, the analysis module 202 uses templates from the templatestorage module 204 to identify risks. Each template from the templatestorage module 204 consists of at least one risk criterion. In aparticular instance, the risk criterion is a feature, a condition or adecision-making rule for identifying the correspondence of something togiven risk requirements. If the information collected with respect to aspecific consumer of personal data corresponds to the requirements ofthe template, then a risk is identified for this consumer of personaldata.

In one example aspect, the template storage module 204 can include aglobal list of templates and a local list of templates. The templatesfrom the global list of templates are configured to identify risksassociated with groups of users, for example, a template identifying arisk of theft of payment information from personal data. The templatesfrom the local list of templates are intended to identify risks inregard to a particular user. The templates from the local list oftemplates can be formed automatically from the user's requirements onthe consumers of personal data or be specified by hand by the users.Such templates will apply only to a particular user. The templates maybe grouped with respect to other properties, for example, in accordancewith the type of risks identified by these templates.

In one example aspect, the analysis module 202 may sue templates withone or more criteria to identify risk by comparing the templates fromthe template storage module 204 with the information obtained from thecollection module 201. Thus, a search is made for exact matches, forexample, when processing the parameters of the consumers of personaldata, notifications in the context of the system of centralized controlof personal data 100 or messages from the monitoring system, as well asany other data having a predetermined format and message structure. Forexample, the country where the user resides introduces changes to thelaws requiring all consumers of personal data to store the personal dataof its citizens within the country. For this situation, a template isgenerated from the global list of templates with a single criterion,performing check of the parameters of the consumers of personal datapertaining to the country of storage of the personal data of users whoare citizens of the country having introduced the changes in its laws.Based on the results of the check, the corresponding users can benotified as to the presence of legal risks in regard to at least oneconsumer of personal data, or instead the system for control of accessto personal user data 120 may automatically block access or revoke theaccess rights to personal data of the corresponding users until suchtime as the identified risk has been removed.

In another example aspect, the analysis module 202 may use heuristicanalyzers to identify risks associated with the consumers of personaldata by using templates consisting of sets of criteria linked by logicaloperators (such as AND/OR operators). Each criterion can be assignedeither a Boolean value or a certain discrete value. For example, acriterion identifying a certain message received from the monitoringsystems will take on a value of 1—message identified, or 0—no message.In another example aspect, the criterion takes on a value from 0 to 10,where 0 means no incidents related to loss of personal user data by theconsumer of personal data and 10 means frequent incidents. The criteriamay include actions of users similar to the current user. For example,if among the users with the same country of residence as the currentuser the number of rejections of PayPal electronic wallet servicesincreases abruptly, the current user can be at least informed of thisfact. Each of the criteria may have a significance factor, reflectingthe importance of the criterion used. This factor is designated, orhard-coded. The use of this factor makes it possible to allow fordifferences in the significance of the criteria when identifying a risk.For templates consisting of more than one criterion, one can usedifferent methods of risk identification, such as: a neural net, fuzzylogic, summation with weighting of criteria. For example, when using themethod of summation with weighting of criteria for a template consistingof n criteria, it is necessary to compute the total factor forfulfillment of the template by the following formula:Kf=X1*Kr1+X2*Kr2+X3*Kr3+ . . . +Xn*Krn, where:

Kf—is the factor for fulfillment of the template;

Xn—is the significance factor of the n-th criterion;

Krn—is the criterion value of the n-th criterion.

Then, to identify the risk corresponding to the particular template, onecan use a predetermined numeric threshold value (chosen empirically, forexample), which is compared to the calculated factor for fulfillment ofthe template. For example, if the factor for fulfillment of the templateexceeds a numeric threshold value, then a risk corresponding to thetemplate is deemed to have been identified, and the analysis module 202will send appropriate instructions to the access control module 203.

In one example aspect, the access control module 203 is configured tochange the consumer access parameters to personal data on the basis ofthe identified risks with respect to the consumer of personal data. Thechanging of the consumer access parameters to personal data includes,but not limited to:

-   -   changing the period of validity for access rights to personal        user data;    -   revoking of access rights to personal user data;    -   granting access rights to personal user data;    -   blocking access to personal user data;    -   allowing access to personal user data; and    -   giving up a service being provided by a consumer of personal        data.

In one example aspect, specific corresponding changes of accessparameters may be assigned to specific templates. For example, upondetecting a risk with a template A, the access control module 203 mayblock access to the personal user data for the consumer of personaldata. The specific changes of access parameters may be assigned to atype of risk common to several templates. For example, upon detecting afinancial risk, the access control module 203 may automatically cancelthe service provided by the consumer of personal data.

In another example aspect, the changes of access parameters may dependon how much the factor for fulfillment of the template exceeds a numericthreshold value. For example, if factor for fulfillment of the templateexceeds a numeric threshold value by not more than 0.05, the accesscontrol module 203 may notify the user about the identified risk withoutchanging the access parameters automatically and, in cases of greaterexcess, revoke access rights to the personal user data.

FIG. 3 shows a block diagram of an example method of control of accessto personal user data. In step 301, the method collects informationabout the consumers of personal user data. The information collected canbe standardized or converted into a format convenient for making acomparison with the templates. In step 302, the method analyzesinformation collected in order to determine risks relating to theconsumers of personal data. In the course of the analysis, theinformation collected in step 302 is compared to the templates. If thetemplate contains more than one criterion, significance factors of thecriteria and a numeric threshold value may be used to identify the riskcorresponding to the given template. At step 303, the method identifiesthe risks related to the consumers of personal data. A risk isidentified if the information collected in step 301 matches orcorresponds to a criteria in the template. After this, in step 304, themethod changes the consumer access parameters to the personal data basedon the identified risks with respect to the consumer of personal data.

FIG. 4 shows an example of a general-purpose computer system (which maybe a personal computer or a server) 20, which may be used to implementaspects of system and methods disclosed herein. The computer system 20includes a central processing unit 21, a system memory 22 and a systembus 23 connecting the various system components, including the memoryassociated with the central processing unit 21. The system bus 23 isrealized like any bus structure known from the prior art, including inturn a bus memory or bus memory controller, a peripheral bus and a localbus, which is able to interact with any other bus architecture. Thesystem memory includes read only memory (ROM) 24 and random-accessmemory (RAM) 25. The basic input/output system (BIOS) 26 includes thebasic procedures ensuring the transfer of information between elementsof the personal computer 20, such as those at the time of loading theoperating system with the use of the ROM 24.

The personal computer 20, in turn, includes a hard disk 27 for readingand writing of data, a magnetic disk drive 28 for reading and writing onremovable magnetic disks 29 and an optical drive 30 for reading andwriting on removable optical disks 31, such as CD-ROM, DVD-ROM and otheroptical information media. The hard disk 27, the magnetic disk drive 28,and the optical drive 30 are connected to the system bus 23 across thehard disk interface 32, the magnetic disk interface 33 and the opticaldrive interface 34, respectively. The drives and the correspondingcomputer information media are power-independent modules for storage ofcomputer instructions, data structures, program modules and other dataof the personal computer 20.

The present disclosure provides the implementation of a system that usesa hard disk 27, a removable magnetic disk 29 and a removable opticaldisk 31, but it should be understood that it is possible to employ othertypes of computer information media 56 which are able to store data in aform readable by a computer (solid state drives, flash memory cards,digital disks, random-access memory (RAM) and so on), which areconnected to the system bus 23 via the controller 55.

The computer 20 has a file system 36, where the recorded operatingsystem 35 is kept, and also additional program applications 37, otherprogram modules 38 and program data 39. The user is able to entercommands and information into the personal computer 20 by using inputdevices (keyboard 40, mouse 42). Other input devices (not shown) can beused: microphone, joystick, game controller, scanner, and so on. Suchinput devices usually plug into the computer system 20 through a serialport 46, which in turn is connected to the system bus, but they can beconnected in other ways, for example, with the aid of a parallel port, agame port or a universal serial bus (USB). A monitor 47 or other type ofdisplay device is also connected to the system bus 23 across aninterface, such as a video adapter 48. In addition to the monitor 47,the personal computer can be equipped with other peripheral outputdevices (not shown), such as loudspeakers, a printer, and so on.

The personal computer 20 is able to operate in a network environment,using a network connection to one or more remote computers 49. Theremote computer (or computers) 49 are also personal computers or servershaving the majority or all of the aforementioned elements in describingthe nature of a personal computer 20, as shown in FIG. 3. Other devicescan also be present in the computer network, such as routers, networkstations, peer devices or other network nodes.

Network connections can form a local-area computer network (LAN) 50,such as a wired and/or wireless network, and a wide-area computernetwork (WAN). Such networks are used in corporate computer networks andinternal company networks, and they generally have access to theInternet. In LAN or WAN networks, the personal computer 20 is connectedto the local-area network 50 across a network adapter or networkinterface 51. When networks are used, the personal computer 20 canemploy a modem 54 or other modules for providing communications with awide-area computer network such as the Internet. The modem 54, which isan internal or external device, is connected to the system bus 23 by aserial port 46. It should be noted that the network connections are onlyexamples and need not depict the exact configuration of the network,i.e., in reality there are other ways of establishing a connection ofone computer to another by technical communication modules, such asBluetooth.

In various aspects, the systems and methods described herein may beimplemented in hardware, software, firmware, or any combination thereof.If implemented in software, the methods may be stored as one or moreinstructions or code on a non-transitory computer-readable medium.Computer-readable medium includes data storage. By way of example, andnot limitation, such computer-readable medium can comprise RAM, ROM,EEPROM, CD-ROM, Flash memory or other types of electric, magnetic, oroptical storage medium, or any other medium that can be used to carry orstore desired program code in the form of instructions or datastructures and that can be accessed by a processor of a general purposecomputer.

In various aspects, the systems and methods described in the presentdisclosure in terms of modules. The term “module” as used herein refersto a real-world device, component, or arrangement of componentsimplemented using hardware, such as by an application specificintegrated circuit (ASIC) or field-programmable gate array (FPGA), forexample, or as a combination of hardware and software, such as by amicroprocessor system and a set of instructions to implement themodule's functionality, which (while being executed) transform themicroprocessor system into a special-purpose device. A module can alsobe implemented as a combination of the two, with certain functionsfacilitated by hardware alone, and other functions facilitated by acombination of hardware and software. In certain implementations, atleast a portion, and in some cases, all, of a module can be executed onthe processor of a general purpose computer (such as the one describedin greater detail in FIG. 3 above). Accordingly, each module can berealized in a variety of suitable configurations, and should not belimited to any particular implementation exemplified herein.

In the interest of clarity, not all of the routine features of theaspects are disclosed herein. It will be appreciated that in thedevelopment of any actual implementation of the present disclosure,numerous implementation-specific decisions must be made in order toachieve the developer's specific goals, and that these specific goalswill vary for different implementations and different developers. Itwill be appreciated that such a development effort might be complex andtime-consuming, but would nevertheless be a routine undertaking ofengineering for those of ordinary skill in the art having the benefit ofthis disclosure.

Furthermore, it is to be understood that the phraseology or terminologyused herein is for the purpose of description and not of restriction,such that the terminology or phraseology of the present specification isto be interpreted by the skilled in the art in light of the teachingsand guidance presented herein, in combination with the knowledge of theskilled in the relevant art(s). Moreover, it is not intended for anyterm in the specification or claims to be ascribed an uncommon orspecial meaning unless explicitly set forth as such.

The various aspects disclosed herein encompass present and future knownequivalents to the known modules referred to herein by way ofillustration. Moreover, while aspects and applications have been shownand described, it would be apparent to those skilled in the art havingthe benefit of this disclosure that many more modifications thanmentioned above are possible without departing from the inventiveconcepts disclosed herein.

The invention claimed is:
 1. A method for controlling access of aconsumer to personal data of a user, comprising: collecting informationabout the consumer of personal data, wherein the collected informationcomprises at least one of a plurality of elements including serviceusage parameters associated with the consumer, statistical dataassociated with the consumer, and security incidents involving theconsumer; comparing, by a hardware processor, the collected informationwith one or more templates to determine a risk that is associated withthe consumer, wherein each template includes a set of criteriacorresponding to at least two of the plurality of elements, eachcriterion is assigned a numeric value and a weighting factor based onthe collected information, and the risk corresponds to a summation ofthe numeric value and weighting factor of each criterion; setting, basedon the determined risk, by the hardware processor, consumer accessparameters for the consumer to access the personal data of the user;controlling, by the hardware processor, access of the consumer to thepersonal data of the user based on the consumer access parameters;automatically modifying the consumer access parameters upon detectingthat the summation exceeds a selected range of a defined thresholdvalue; and notifying the user, without modifying the consumer accessparameters, of the risk upon detecting that the summation does notexceed the selected range of the defined threshold value.
 2. The methodof claim 1, wherein the service usage parameters comprise at least oneof: a consumer service price for the user, a total price of consumerservices provided to the user, a location of the server storing thepersonal information of the user, and wherein the statistical datacomprises at least one of: a number of user complaints over a timeinterval, a number of a specific type of incidents per over a timeinterval, a rating of the personal information consumer, and a number ofusers using a service provided by the consumer; and wherein the securityincidents comprise at least one of: a report of potential unauthorizedaccess to a consumer server, and a report of a personal data theft fromthe consumer, wherein the collected information further comprisingnotifications about the personal information consumer, wherein thenotifications comprise at least one of: a notification from the consumerabout server maintenance, and a notification of broken connection to acustomer server.
 3. The method of claim 1, wherein the information aboutthe consumer is received from at least one of: an external or internalmonitoring system; a notification system; a user security application;and the consumer.
 4. The method of claim 1, wherein the set of templatesincludes: a global set of templates configured to identify risksassociated with groups of users; and a local set of templates indicatingrisks specific to the user.
 5. The method of claim 1, wherein the riskincludes at least on of: a political risk; a reputational risk; afinancial risk; a security risk; and a legal risk.
 6. The method ofclaim 1, wherein the setting of consumer access parameters includes atleast one of: changing consumer's time limits of access to the personaldata of the user; revoking consumer's access privileges to the personaldata of the user; granting consumer access privileges to the personaldata of the user; blocking consumer's access to the personal data of theuser; granting consumer access to the personal data of the user; andrejecting services provided by the consumer.
 7. The method of claim 1,wherein the detecting whether a risk exists includes at least one of:comparing a linear function of criteria with a numeric threshold;comparing a numeric function of criteria with a numeric threshold;applying a neural network algorithm to the set of criteria; and applyinga fuzzy logic algorithm to the set of criteria.
 8. A system forcontrolling access of a consumer to personal data of a user, comprising:a collection module executable on a hardware processor and configuredto: collect information about the consumer of personal data, wherein thecollected information comprises at least one of a plurality of elementsincluding service usage parameters associated with the consumer,statistical data associated with the consumer, and security incidentsinvolving the consumer; a template storage module configured to: store aplurality of templates containing risk criteria; an analysis moduleexecutable on the hardware processor and configured to: compare thecollected information with the one or more templates to determine a riskthat is associated with the consumer, wherein each template includes aset of criteria corresponding to at least two of the plurality ofelements, each criterion is assigned a numeric value and a weightingfactor based on the collected information, and the risk corresponds to asummation of the numeric value and weighting factor of each criterion;and an access control module executable on the hardware processor andconfigured to: set, based on the determined risk, consumer accessparameters for the consumer to access the personal data of the user;control access of the consumer to the personal data of the user based onthe consumer access parameters; and automatically modify the consumeraccess parameters upon detecting that the summation exceeds a selectedrange of a defined threshold value; and notify the user, withoutmodifying the consumer access parameters, of the risk upon detectingthat the summation does not exceed the selected range of the definedthreshold value.
 9. The system of claim 8, wherein the service usageparameters comprise at least one of: a consumer service price for theuser, a total price of consumer services provided to the user, alocation of the server storing the personal information of the user, andwherein the statistical data comprises at least one of: a number of usercomplaints over a time interval, a number of a specific type ofincidents per over a time interval, a rating of the personal informationconsumer, and a number of users using a service provided by theconsumer; and wherein the security incidents comprise at least one of: areport of potential unauthorized access to a consumer server, and areport of a personal data theft from the consumer, wherein the collectedinformation further comprising notifications about the personalinformation consumer, wherein the notifications comprise at least oneof: a notification from the consumer about server maintenance, and anotification of broken connection to a customer server.
 10. The systemof claim 8, wherein the information about the consumers received from atleast one of: an external or internal monitoring system; a notificationsystem; a user security application; and the consumer.
 11. The system ofclaim 8, wherein the set of templates includes: a global set oftemplates configured to identify risks associated with groups of users;and a local set of templates indicating risks specific to the user. 12.The system of claim 8, wherein the risk includes at least on of: apolitical risk; a reputational risk; a financial risk; a security risk;and a legal risk.
 13. The system of claim 8, wherein the setting ofconsumer access parameters includes at least one of: changing consumer'stime limits of access to the personal data of the user; revokingconsumer's access privileges to the personal data of the user; grantingconsumer access privileges to the personal data of the user; blockingconsumer's access to the personal data of the user; granting consumeraccess to the personal data of the user; and rejecting services providedby the consumer.
 14. The system of claim 8, wherein the detectingwhether a risk exists includes at least one of: comparing a linearfunction of criteria with a numeric threshold; comparing a numericfunction of criteria with a numeric threshold; applying a neural networkalgorithm to the set of criteria; and applying a fuzzy logic algorithmto the set of criteria.
 15. A non-transitory computer-readable mediumstoring computer executable instructions for controlling access of aconsumer to personal data of a user, including instructions for:collecting information about the consumer of personal data, wherein thecollected information comprises at least one of a plurality of elementsincluding service usage parameters associated with the consumer,statistical data associated with the consumer, and security incidentsinvolving the consumer; comparing, by a hardware processor, thecollected information with one or more templates to determine a riskthat is associated with the consumer, wherein each template includes aset of criteria corresponding to at least two of the plurality ofelements, each criterion is assigned a numeric value and a weightingfactor based on the collected information, and the risk corresponds to asummation of the numeric value and weighting factor of each criterion;setting, based on the determined risk, by the hardware processor,consumer access parameters for the consumer to access the personal dataof the user; controlling, by the hardware processor, access of theconsumer to the personal data of the user based on the consumer accessparameters; automatically modifying the consumer access parameters upondetecting that the summation exceeds a selected range of a definedthreshold value; and notifying the user, without modifying the consumeraccess parameters, of the risk upon detecting that the summation doesnot exceed the selected range of the defined threshold value.
 16. Thenon-transitory computer-readable medium of claim 15, wherein the serviceusage parameters comprise at least one of: a consumer service price forthe user, a total price of consumer services provided to the user, alocation of the server storing the personal information of the user, andwherein the statistical data comprises at least one of: a number of usercomplaints over a time interval, a number of a specific type ofincidents per over a time interval, a rating of the personal informationconsumer, and a number of users using a service provided by theconsumer; and wherein the security incidents comprise at least one of: areport of potential unauthorized access to a consumer server, and areport of a personal data theft from the consumer, wherein the collectedinformation further comprising notifications about the personalinformation consumer, wherein the notifications comprise at least oneof: a notification from the consumer about server maintenance, and anotification of broken connection to a customer server.
 17. The computerprogram product of claim 15, wherein the set of templates includes atleast one of: a global set of templates; and a local set of templatesspecific to the user.
 18. The non-transitory computer-readable medium ofclaim 15, wherein the risk includes at least on of: a political risk; areputational risk; a financial risk; a security risk; and a legal risk.19. The computer program product of claim 15, wherein the setting ofconsumer access parameters includes at least one of: changing consumer'stime limits of access to the personal information of the user; revokingconsumer's access privileges to the personal information of the user;granting consumer access privileges to the personal information of theuser; blocking consumer's access to the personal information of theuser; granting consumer access to the personal information of the user;and rejecting services provided by the consumer.
 20. The computerprogram product of claim 15, wherein the detecting whether a risk eventexists includes at least one of: comparing a linear function of criteriawith a numeric threshold; comparing a numeric function of criteria witha numeric threshold; applying a neural network algorithm to the set ofcriteria; and applying a fuzzy logic algorithm to the set of criteria.